<p>Whether they are disallowed locally for security, license, or dependability reasons, forbidden dependencies should not be used. </p>
<p>This rule raises an issue when the group or artifact id of a dependency matches the configured forbidden dependency pattern. </p>

<h2>Noncompliant Code Example</h2>
<p>With a parameter of: <code>*:.*log4j.*</code></p>
<pre> 
&lt;dependency&gt; &lt;!-- Noncompliant --&gt; 
    &lt;groupId&gt;log4j&lt;/groupId&gt;
    &lt;artifactId&gt;log4j&lt;/artifactId&gt; 
    &lt;version&gt;1.2.17&lt;/version&gt; 
&lt;/dependency&gt; 
</pre>

